Lucene search
+L

4 matches found

Tenable Nessus
Tenable Nessus
added 2024/03/22 12:0 a.m.48 views

Oracle Linux 8 : nodejs:16 (ELSA-2024-1444)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1444 advisory. - reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks Resolves: CVE-2024-22019 nodejs-nodemon nodejs-packaging Tenable h...

7.5CVSS7.2AI score0.99999EPSS
Exploits19References3
Tenable Nessus
Tenable Nessus
added 2024/03/01 12:0 a.m.46 views

SUSE SLES15 Security Update : nodejs14 (SUSE-SU-2024:0732-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0732-1 advisory. Security issues fixed: CVE-2023-46809: Node.js is vulnerable to the Marvin Attack timing variant of the Bleichenbacher attack again...

7.5CVSS6.8AI score0.03168EPSS
Exploits1References13
UbuntuCve
UbuntuCve
added 2024/02/20 2:15 a.m.35 views

CVE-2024-22019

A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service DoS. The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk...

7.5CVSS6.9AI score0.03168EPSS
Exploits0References3
Hacker One
Hacker One
added 2023/10/30 9:18 p.m.42 views

Node.js: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks

A vulnerability in Node.js HTTP servers was discovered that allowed denial of service DoS attacks. By sending specially crafted HTTP requests with chunked encoding, an attacker could cause resource exhaustion on the server. The lack of limitations on chunk extension bytes enabled the server to re...

7.5CVSS7.5AI score0.03168EPSS
Exploits0
Rows per page
Query Builder